program Quickoff;
uses
Windows;
//Forms;
//{$R *.res}
function RtlAdjustPrivilege(Privilege: ULONG; Enable: BOOLEAN;
CurrentThread: BOOLEAN; Enabled: PBOOLEAN): DWORD; stdcall; external 'ntdll.dll';
function ZwShutdownSystem(arg: DWORD): BOOLEAN; stdcall; external 'ntdll.dll';
{调用ntdll.dll这个微软未公开的API函数实现提权与关机}
//implementation
begin
//Application.Initialize;
//Application.Run;
asm
PUSH ESP //依次将三个参数入栈,特别需要注意的是标准API遵循stdcall,由此注意入栈顺序。
PUSH 0
PUSH 1
PUSH $13
CALL RtlAdjustPrivilege //提权
PUSH 0
CALL ZwShutdownSystem //关机
end;
end.
使用汇编语言关机
最新推荐文章于 2022-12-04 19:50:29 发布